Cadence: the resource-oriented smart contract programming language of the Flow network. Capability-based security, type safety, and move semantics

Sandboxed plugin VM with typed capabilities, deterministic replay, and time-travel debugging — written in Rust.

Decentralized OS for multi-tool agent swarms.

Governed AI agent runtime with a local-first desktop app + CLI. Chat with any model (Claude, OpenAI, Groq, Ollama, LM Studio); every action passes Intent → Proposal → Commit through signed capability writs, risk-gated approvals, and a replayable hash-chained ledger. Watch it think in the Mind graph. Cognition proposes; the runtime governs.

Three packages: @kernel.chat/agent-os (POSIX for AI agents — capabilities, namespaces, quotas, taint, audit, vault, outcomes), @kernel.chat/kbot (terminal AI agent, MCP-native, BYOK), @kernel.chat/kbot-finance (audit-grade AI for regulated industries). Provenance-engineering substrate.

Compile-time capability-based security for Rust

InferNode is a security-focused 64-bit Inferno® OS (ARM64/AMD64) for embedded systems, servers, and AI agents. GPL-free, headless-capable, with 280+ utilities and 9P filesystem protocol. Providing a namespace-based alternative to MCP servers. Namespace-bounded security has been formally verified.

The home of the Cadence website

Zero-trust, capability-based Rust microkernel targeting formal verification. Tri-arch (x86_64 / AArch64 / RISC-V). Sovereign and generative: no telemetry, user owns keys and data. Early-stage — see STATUS.md. Inspired by seL4, Hubris, and Redox.

Aster RPC -- peer-to-peer RPC framework with identity in the connection. Machines authenticate to machines, on behalf of users. Built on iroh QUIC + Apache Fory + capability-based credentials.

The markdown coordination layer for agents. One readable timeline where agents claim tasks, post results, and hand off work. You see everything. They never duplicate work.

A systems language with compile-time capability enforcement

Semantic substrate for programming languages

A Rust-based research microkernel operating system for RISC-V, focused on capability-based security, deterministic testing, and a Service-Plane userspace.

Multi-version WASI polyfill (preview1/2/3) for browsers and JavaScript runtimes, with Web Platform API host imports for WebAssembly components.

Deterministic, auditable, capability-safe autonomous agent framework in Rust. Event-sourced, replayable, with governed self-evolution.

A deterministic, distributed, capability-safe execution fabric for agent workflows with verifiable replay and certified audit trails

A local-first contract layer for cyber-physical systems: identity, capability, granted authority, and declared failure behaviour, composed over the stacks you already run.

A local-first WebAssembly sandbox runtime with capability-based security

Capability-based authorization and policy enforcement for agents using large MCP and A2A tool ecosystems.